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The verification of real-time properties requires model checking techniques for quantitative 
temporal structures and real-time temporal logics. However, up to now, most of those 
problems were solved by a translation into a standard CTL model checking problem with 
unit-delay structures. Although usual CTL model checkers like SMV can be used then, the 
translation leads to large structures and CTL formulas, such that the verification requires 
large computation times and only small circuits can be v ... 

Keywords: formal verification, model-checking, real-time systems, quantitative temporal 
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We show how LTL model checking can be reduced to CTL model checking with fairness 
constraints. Using this reduction, we also describe how to construct a {\em symbolic} LTL 
model checker that appears to be quite efficient in practice. In particular, we show how the 
SMV model checking system developed by McMillan [16] can be extended to permit LTL 
specifications. The results that we have obtained are quite surprising. For the specifications 
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considered for automated analysis of software. 
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In abstract model-checking, the semantics of an infinite transition system is abstracted to 
get a finite approximation on which temporal-logic/p-calculus model-checking can be 
directly applied. 

The paper proposes two improvements of abstract model-checking which can be applied to 
infinite abstract transition systems: 

iA new combination of fo ... 
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Although model checking has proven remarkably effective in detecting errors in hardware 
designs, its success in the analysis of software specifications has been limited. Model 
checking algorithms for hardware verification commonly use Binary Decision Diagrams 
(BDDs) to represent predicates involving the many Boolean variables commonly found in 
hardware descriptions. Unfortunately, BDD representations may be less effective for 
analyzing software specifications, which usually contain no ... 

Keywords: SCR, abstraction, model checking, requirements specification, verification 
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Sergio Campos, Edmund M. Clarke, Orna Grumberg 
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Full text available: ||] p ub | jsher Sjte Additional Information: full citation , abstract , references , index terms 

In this work we propose a verification methodology consisting of selective quantitative 
timing analysis and interval model checking. Our methods can aid not only in determining if 
a system works correctly, but also in understanding how well the system works. The 
selective quantitative algorithms compute minimum and maximum delays over a selected 
subset of system executions. A linear-time temporal logic (LTL) formula is used to select 
either infinite paths or finite interv ... 

Keywords: LTL model checking, quantitative timing analysis, real-time systems, symbolic 
model checking, temporal logic model checking 
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August 2000 Proceedings of the third workshop on Formal methods in software 
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Full text available: pdf(385.20 KB) Additlonal Information: full citation, abstract, references , citings, index 

: terms 

While it is becoming more common to see model checking applied to software requirements 
specifications, it is seldom applied to software implementations. The Automated Software 
Engineering group at NASA Ames is currently investigating the use of model checking for 
actual source code, with the eventual goal of allowing software developers to augment 
traditional testing with model checking. Because model checking suffers from the state- 
explosion problem, one of the main hurdles for program ... 
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7 An automata-theoretic approach to modular model checking 
Orna Kupferman, Moshe Y. Vardi 

January 2000 ACM Transactions on Programming Languages and Systems (TOPLAS), 

Volume 22 Issue 1 

Full text available: " B pdf(458.27 KB) Additional Information: full citation, abstract, references, citings, index 

: terms 

In modular verification the specification of a module consists of two part. One part 
describes the guaranteed behavior of the module. The other part describes the assumed 
behavior of the system in which the module is interacting. This is called the assume- 
guarantee paradigm. In this paper we consider assume-guarantee specifications in which 
the guarantee is specified by branching temporal formulas. We distinguish between two 
approaches. In the first approac ... 

Keywords: automata, modular verification, temporal logic 
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Roderick Bloem, Kavita Ravi, Fabio Somenzi 

June 2000 Proceedings of the 37th conference on Design automation 

Full text available: f£l pdf(110.11 KB) Additional Information: full citation , abstract, references , citings , index 
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CTL model checking of complex systems often suffers from the state-explosion problem. We 
propose using Symbolic Guided Search to avoid difficult-to-represent sections of the state 
space and prevent state explosion from occurring. Symbolic Guided Search applies hints to 
guide the exploration of the state space. In this way, the size of the BDDs involved in the 
computation is controlled, and the truth of a property may be decided before all states have 
been explored. In this work, ... 

9 Action Language: a specification language for model checking reactive systems 
Tevfik Bultan 

June 2000 Proceedings of the 22nd international conference on Software engineering 

Full text available- fiB pdf(299 62 KB) Additional Information: full citation , abstract , references , citings, index 
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We present a specification language called Action Language for model checking software 
specifications. Action Language forms an interface between transition system models that a 
model checker generates and high level specification languages such as Statecharts, RSML 
and SCR— similar to an assembly language between a microprocessor and a programming 
language. We show that Action Language translations of Statecharts and SCR specifications 
are compact and they preserve the structure of th ... 

Keywords: model checking, reactive systems, specification languages 
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January 2000 ACM Transactions on Software Engineering and Methodology (TOSEM), 
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Full text available' 1 ?|pdf(400 17 KB) Additional Information: full citation , abstract , references , citings , index 

terms 

There has been a surge of progress in automated verification methods based on state 
exploration. In areas like hardware design, these technologies are rapidly augmenting key 
phases of testing and validation. To date, one of the most successful of these methods has 
been symbolic model-checking, in which large finite-state machines are encoded into 
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Orna Kupferman, Moshe Y. Vardi, Pierre Wolper 

March 2000 Journal of the ACM (JACM), volume 47 issue 2 

Full text available: pdf(379 70 KB) Additional Information: full citation , abstract , references , citings , index 
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Translating linear temporal logic formulas to automata has proven to be an effective 
approach for implementing linear-time model-checking, and for obtaining many extensions 
and improvements to this verification method. On the other hand, for branching temporal 
logic, automata-theoretic techniques have long been thought to introduce an exponential 
penalty, making them essentially useless for model-checking. Recently, Bernholtz and 
Grumberg [1993] have shown that this exponential penalty can ... 
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Henny B. Sipma, Tomas E. Uribe, Zohar Manna 

July 1999 Formal Methods in System Design, Volume 15 issue l 

Full text available* (SHI Additional Information: full citation , abstract , references , citings, index 
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We present an extension of classical tableau-based model checking procedures to the case 
of infinite-state systems, using deductive methods in an incremental construction of the 
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